vulnerability
Amazon Linux AMI: CVE-2022-23959: Security patch for varnish (ALAS-2022-1632)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:L/Au:N/C:P/I:P/A:N) | Jan 26, 2022 | Aug 24, 2022 | Aug 24, 2022 |
Severity
6
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:N)
Published
Jan 26, 2022
Added
Aug 24, 2022
Modified
Aug 24, 2022
Description
In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections.
Solution
amazon-linux-upgrade-varnish
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.